Latest articles

Five years ago, cloud computing was one of the top emerging new technologies, nowadays it is almost common place. This rapid introduction of cloud business models in our society coincides with critical questions on the cloud’s risks, such as security and privacy. Moreover, there seems to be an increased demand for accountable behaviour in the cloud. This paper explores how society understands the cloud, its related risks and the need for accountability in the cloud.

Nowadays there are many offerings of cloud services all over the world which have various security requirements depending on their business use. The compliance of these cloud services with the predefined security policies should be proven. In a cloud infrastructure this is not an easy job, because of its immense complexity.

Although the technology for cloud services has been maturing for more than a decade, many potential users still have some concerns about the security and especially privacy. Users need to analyze the risks to face prior to embracing the cloud concept. Recently, many organizations and researchers assessed the cloud risks. There are also both quantitative and qualitative models developed for this purpose. Our tutorial first introduces the definitions and then provides a survey on the results from cloud risk assessment efforts and risk models developed for cloud.

Accountability in the Cloud is a key concept that is determined by the accountability attributes. For assessing how accountable an organisation is we should be able to assess or provide techniques for measuring the attributes that influence on accountability. How much or to what extent they should be measured is a key issue. One of the goals of the A4Cloud project is, therefore, to develop a collection of metrics for performing meaningful measures on the attributes that influence accountability.

This paper elaborates HCI (Human-Computer Interaction) requirements for making cloud data protection tools comprehensible and trustworthy. The requirements and corresponding user interface design principles are derived from our research and review work conducted to address in particular the following HCI challenges: How can the users be guided to better comprehend the flow and traces of data on the Internet and in the cloud? How can individual end users be supported to do better informed decisions on how their data can be used by cloud providers or others?

Cloud computing represents a major shift in the way Information and Communication Technology (ICT) is deployed and utilised across industries. Alongside the technological developments, organisations need to adapt to emerging operational needs associated with data governance, policy and responsibility, as well as compliance with regulatory regimes that may be multi-jurisdictional in nature. This paper is concerned with data governance in cloud ecosystems.

A major feature of public cloud services is that data are processed remotely in unknown systems that the users do not own or operate. This context creates a number of challenges related to data privacy and security and may hinder the adoption of cloud technology. One of these challenges is how to maintain transparency of the processes and procedures while at the same time providing services that are secure and cost effective. This paper presents results from an empirical study in which the cloud customers identified a number of transparency requirements to the adoption of cloud providers.

Cloud accountability audits can be used to strengthen trust of cloud service customers in cloud computing by providing reassurance regarding the correct processing of personal or confidential data in the cloud. However, such audits require various information to be collected. The types of information range from authentication and data access logging to location information, information on security controls and incident detection.

Cloud computing is becoming a key IT infrastructure technology being adopted progressively by companies and users. Still, there are issues and uncertainties surrounding its adoption, such as security and how users data is dealt with that require attention from developers, researchers, providers and users. The A4Cloud project tries to help solving the problem of accountability in the cloud by providing tools that support the process of achieving accountability. This paper presents the contents of the first A4Cloud tutorial.

Cloud Computing raises various security and privacy challenges due to the customers’ inherent lack of control over their outsourced data. One approach to encourage customers to take advantage of the cloud is the design of new accountability solutions which improve the degree of transparency with respect to data processing. In this paper, we focus on accountability policies and propose A-PPL, an accountability policy language that represents machine-readable accountability policies.